Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Hierdie gesprek is in die argief. Vra asseblief 'n nuwe vraag as jy hulp nodig het.

After update to 38.1.0 I get - ssl_error_handshake_unexpected_alert

  • 7 antwoorde
  • 2 hierdie probleem
  • 53 views
  • Laaste antwoord deur christ1

more options

Server uses these settings for POP3: port 995 Connection Security: SSL/TLS Authentication method: Normal password

After the updt to 38.1.0 it's just freez with "Connected to mail.serv.xxx". In Error Console I can see like something about handshaking and this: ssl_error_handshake_unexpected_alert

On another PC I have now TB 31.2.0 and all the same (mail server and settings) - no such problems.

So now I can check my mail only without "Connection Security" and at port 110.

Please stop doing it :( New update - new problems :(

Server uses these settings for POP3: port 995 Connection Security: SSL/TLS Authentication method: Normal password After the updt to 38.1.0 it's just freez with "Connected to mail.serv.xxx". In Error Console I can see like something about handshaking and this: ssl_error_handshake_unexpected_alert On another PC I have now TB 31.2.0 and all the same (mail server and settings) - no such problems. So now I can check my mail only without "Connection Security" and at port 110. Please stop doing it :( New update - new problems :(

Gewysig op deur booya

Gekose oplossing

I have to set security.tls.version.fallback-limit = 1

That would allow Thunderbird an insecure fallback to TLS version 1.1 or 1.0, which wouldn't be allowed by default. See https://support.mozilla.org/en-US/questions/1051530

I think my provider will not change anything about it and I will find another one

Finding a new provider sounds like a good idea.

server does not support RFC 5746, see CVE-2009-3555

See https://wiki.mozilla.org/Security:Renegotiation

Lees dié antwoord in konteks 👍 1

All Replies (7)

more options
more options

christ1 said

Can you post a screenshot of the error? http://support.mozilla.org/en-US/kb/how-do-i-create-screenshot-my-problem

Sure, but I have a russian ver. of Thunderbird. Sorry.

So when I'm not using any SSL-coonection (first part of a screenshot), TB can check mail and error log is clean. But with SSL (second part), log says about an error during connection to a server and:

SSL peer was not expecting a handshake message it received. (Error code: ssl_error_handshake_unexpected_alert)

Thank you!

Gewysig op deur booya

more options
more options

Thank you for the answer and for the links.

So how can I solve the problem?

Now I have 38.3.0 and on another PC still 31.2.0. So I'm still using PO3 at 110 port without any SSL and on 31.2.0 I can use port 995 and SSL/TLS. Mail server is the same.

Gewysig op deur booya

more options

You should talk to your email provider. My best guess is their server configuration is screwed. Or find a new provider where you can use SSL/TLS properly.

more options

My email privider answered me:

I have to set security.tls.version.fallback-limit = 1

I did it and it works, but now I have to press F5 (to check mail) twice.

I think my provider will not change anything about it and I will find another one, but my friend have 2000 visiting cards with with buggy provider...

I have another question - I've registered mail server at another provider (it's mine domainm, but mail server not) and now I can see:

server does not support RFC 5746, see CVE-2009-3555

when sending messages (SSL/TLS, 465 port, Normal Password). Is that bad?

Is it better anyway than my previous provider? At least it's mine domain and I can change provider when I want.

Thank you!

Gewysig op deur booya

more options

Gekose oplossing

I have to set security.tls.version.fallback-limit = 1

That would allow Thunderbird an insecure fallback to TLS version 1.1 or 1.0, which wouldn't be allowed by default. See https://support.mozilla.org/en-US/questions/1051530

I think my provider will not change anything about it and I will find another one

Finding a new provider sounds like a good idea.

server does not support RFC 5746, see CVE-2009-3555

See https://wiki.mozilla.org/Security:Renegotiation